Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/zrFslhagde2QZC-s0r4AivMPDWs.roa
File: zrFslhagde2QZC-s0r4AivMPDWs.roa (raw, json)
Hash identifier: OvIQY4v90nBstce7QPmbumsQP6qCVNwAGXTUTVsbc7c=
Subject key identifier: CE:B1:6C:96:16:A0:75:ED:90:64:2F:AC:D2:BE:00:8A:F3:0F:0D:6B
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0185E5C11400F1D6BCE2C4508D1AAB36D338
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/zrFslhagde2QZC-s0r4AivMPDWs.roa
Signing time: Tue 24 Jan 2023 21:48:34 +0000
ROA not before: Tue 24 Jan 2023 21:48:34 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56361
IP address blocks: 95.46.166.0/23 maxlen: 24
95.46.168.0/22 maxlen: 24
31.148.192.0/22 maxlen: 24
31.148.104.0/21 maxlen: 24
93.171.36.0/22 maxlen: 24
93.171.34.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e5:c1:14:00:f1:d6:bc:e2:c4:50:8d:1a:ab:36:d3:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 24 21:48:34 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ceb16c9616a075ed90642facd2be008af30f0d6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:57:07:c2:ca:52:37:4e:27:95:c4:5f:52:51:
53:70:c6:4c:2c:2e:41:2f:b7:05:a9:fb:72:f8:9b:
d4:30:5c:d6:6d:50:1f:02:c6:0a:84:c2:89:fe:f3:
96:8f:ae:b8:16:bb:38:50:57:61:99:dc:52:83:99:
94:d1:fe:6d:c5:58:63:67:59:c4:af:3b:b1:05:87:
d0:3b:ae:d5:32:9f:4d:50:aa:86:51:fa:f4:dc:5c:
eb:35:4f:7c:21:72:42:0f:3c:33:90:f3:89:b6:ad:
fa:5a:ca:cf:4b:2f:3c:54:82:ec:a1:d2:fe:bf:67:
05:1b:6e:4f:77:7a:60:60:b5:8c:bb:dd:d3:9d:ae:
f9:84:77:b2:80:58:71:04:c2:e1:54:2b:f3:27:e8:
b1:33:a7:8e:a3:ce:ce:01:b3:8c:1a:c1:cd:3f:ac:
c7:d4:65:68:94:a4:4e:39:f3:34:1c:16:35:49:00:
f4:c0:2a:b6:9f:09:46:6e:c9:95:df:5b:dc:b8:34:
23:a9:90:67:3d:0e:e3:fa:4a:21:43:59:0c:23:ed:
0f:72:72:b4:81:80:09:fd:ad:90:d5:ac:8f:da:75:
6e:6c:74:13:c9:6a:40:14:ac:1e:07:36:87:98:43:
cb:e0:6e:7f:68:8c:72:d1:26:36:ae:78:82:3f:cb:
be:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:B1:6C:96:16:A0:75:ED:90:64:2F:AC:D2:BE:00:8A:F3:0F:0D:6B
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/zrFslhagde2QZC-s0r4AivMPDWs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.104.0/21
31.148.192.0/22
93.171.34.0-93.171.39.255
95.46.166.0-95.46.171.255
Signature Algorithm: sha256WithRSAEncryption
30:e4:5c:df:fd:ea:7a:c7:de:cf:c6:28:bc:c5:18:11:e4:dc:
a5:51:15:9a:d5:24:93:3e:ae:d2:a2:d6:eb:6e:99:2e:7d:9c:
70:9e:53:60:71:98:87:f3:d3:8f:ff:0b:4b:de:45:ef:28:b8:
92:90:47:ac:e8:fd:ff:df:40:f6:35:fc:cf:18:31:68:3d:78:
62:18:a6:e6:ab:dc:dc:82:a5:51:7b:b2:5b:af:83:95:18:c0:
66:9a:7a:d0:a5:bd:08:52:3d:50:44:84:ed:5b:82:0d:bf:81:
c6:b2:d7:b0:93:16:ba:ed:25:be:0e:7e:70:1c:fe:86:a9:05:
80:3c:b5:bd:6b:10:e1:48:5b:e6:de:90:54:f8:97:69:60:51:
50:c7:9e:5c:f6:cc:2a:3c:3d:bc:d4:f3:fd:d5:26:15:da:01:
97:bb:b1:ae:af:20:40:12:1f:2d:bf:78:c7:70:22:76:a9:ea:
f6:c0:d4:05:5e:75:c5:7f:f7:91:9e:0b:d6:aa:ef:71:cd:95:
83:77:1c:9c:88:b0:64:b3:bc:75:f6:28:d4:b7:db:6f:26:fb:
8a:af:12:4e:f0:76:fd:47:38:a5:f7:fc:a3:43:a1:a6:0b:9a:
e7:8b:8b:51:d2:b9:f9:7b:6d:2c:e5:bb:fc:2c:a7:d3:20:5c:
64:23:25:61
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYXlwRQA8da84sRQjRqrNtM4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTI0MjE0ODM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWIxNmM5NjE2YTA3NWVkOTA2NDJmYWNkMmJlMDA4YWYzMGYwZDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmVcHwspSN04nlcRfUlFTcMZMLC5B
L7cFqfty+JvUMFzWbVAfAsYKhMKJ/vOWj664Frs4UFdhmdxSg5mU0f5txVhjZ1nE
rzuxBYfQO67VMp9NUKqGUfr03FzrNU98IXJCDzwzkPOJtq36WsrPSy88VILsodL+
v2cFG25Pd3pgYLWMu93Tna75hHeygFhxBMLhVCvzJ+ixM6eOo87OAbOMGsHNP6zH
1GVolKROOfM0HBY1SQD0wCq2nwlGbsmV31vcuDQjqZBnPQ7j+kohQ1kMI+0PcnK0
gYAJ/a2Q1ayP2nVubHQTyWpAFKweBzaHmEPL4G5/aIxy0SY2rniCP8u+owIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFM6xbJYWoHXtkGQvrNK+AIrzDw1rMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvenJGc2xoYWdkZTJRWkMtczByNEFpdk1QRFdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQDH5RoAwQC
H5TAMAwDBAFdqyIDBANdqyAwDAMEAV8upgMEAl8uqDANBgkqhkiG9w0BAQsFAAOC
AQEAMORc3/3qesfez8YovMUYEeTcpVEVmtUkkz6u0qLW626ZLn2ccJ5TYHGYh/PT
j/8LS95F7yi4kpBHrOj9/99A9jX8zxgxaD14Yhim5qvc3IKlUXuyW6+DlRjAZpp6
0KW9CFI9UESE7VuCDb+BxrLXsJMWuu0lvg5+cBz+hqkFgDy1vWsQ4Uhb5t6QVPiX
aWBRUMeeXPbMKjw9vNTz/dUmFdoBl7uxrq8gQBIfLb94x3Aidqnq9sDUBV51xX/3
kZ4L1qrvcc2Vg3ccnIiwZLO8dfYo1Lfbbyb7iq8STvB2/Uc4pff8o0Ohpgua54uL
UdK5+XttLOW7/Cyn0yBcZCMlYQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:31:52 2025 by rpki-client